package top.vains.config.shiro;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import top.vains.entity.User;
import top.vains.util.JwtUtils;

/**
 * 该类可以确定是否提供了AuthenticationToken凭证系统中存储的相应账户凭证匹配
 * shiro 加密匹配，重写匹配方法CredentialsMatcher,使用jwt的匹配方式
 *
 * @author vains
 * @version 1.0
 * @since 2020/2/18 15:39
 **/
@Slf4j
public class JwtCredentialsMatcher implements CredentialsMatcher {

    @Override
    public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
        String token = ((JwtToken) authenticationToken).getToken();
        User user = (User) authenticationInfo.getPrincipals().getPrimaryPrincipal();
        // 得到验证记过
        boolean verify = JwtUtils.isVerify(token, user);
        log.info("token 的验证结果为：{}", verify);
        return verify;
    }
}
